<?php
/*
 * Search for users.
 */

// authenticate user first
F3::call('authentication.php');
if (F3::exists('auth_error'))
{
  // authentication failed
  return;
}

if(F3::exists("SESSION.user_id")):
	$user_id = F3::get('SESSION.user_id');
elseif(F3::exists("PARAMS.user_id")):
	$user_id = F3::get('PARAMS.user_id');
else:
	$user_id = -1;	
endif;

// check admin status
$param = array('1' => $user_id);
$admin = DB::sql("SELECT id from admin WHERE id=?", $param);
if(count($admin)>0):
	$admin = 1;
else:
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "User is not an administrator.");
	echo json_encode($err);
	return;
endif;

$result = DB::sql("select * from user",NULL);
$response = array();
foreach ($result as $row) {
	$r = array();
	$r['id'] = $row['id'];
	$r['email'] = $row['email'];
	$r['nickname'] = $row['nickname'];
	$r['fname'] = $row['fname'];
	$r['lname'] = $row['lname'];
	$r['gender'] = $row['gender'];
	$r['dob'] = $row['dob'];
	$r['SelfDescription'] = $row['SelfDescription'];
	array_push($response, $r);
}

header('HTTP/1.1 200');
header("Content-Type: application/json");
echo json_encode($response);

?>
